[93016] in Cypherpunks
Re: Adding SSL to things
daemon@ATHENA.MIT.EDU (Bill Stewart)
Sun Jan 11 18:09:59 1998
Date: Sun, 11 Jan 1998 13:21:45 -0800
To: Ryan Lackey <rdl@MIT.EDU>
From: Bill Stewart <bill.stewart@pobox.com>
Cc: cypherpunks@algebra.com
In-Reply-To: <tw73eivi7t4.fsf@the-great-machine.mit.edu>
Reply-To: Bill Stewart <bill.stewart@pobox.com>
At 06:11 AM 1/11/98 -0500, Ryan Lackey wrote:
>Does anyone know of a way I can take a web server, say AOLserver, which
>does not support useful SSL, and also does not distribute source, and
>retrofit a useful 128-bit SSL implementation to it? It has a C API, but
>I haven't looked at the API enough to see if I could do it within the API.
>Are there any proxies which could be stuck between the insecure server
>and the user (preferably with an ssh link between the servers) which could
>provide SSL proxy service? It seems like this should be trivial to do,
>but I haven't tried yet, and I want to have some reedeming value for this
>post.]
Why not just get a server that _does_ have useful SSL support,
like Apache-SSL (for non-US freeware) or Stronghold (for US commercial use)?
There are workarounds out there for undersecure clients,
like SafePassage and some German Java applet, but that's the easy side.
Thanks!
Bill
Bill Stewart, bill.stewart@pobox.com
PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
